Mobile devices are increasingly becoming part of every aspect of life, from making calls and sending text messages to playing music, keeping calendars, and even booking dinner reservations and hailing cabs. Some organizations are taking advantage of the ubiquity of mobile devices by incorporating users' mobile devices into their internal networks. However, while computing devices owned by an organization may be subject to certain security policies or configured with certain security software, users' personal mobile devices are often not subject to the same level of control by the organization. A user's personal mobile device may thus be less secure than other computing devices owned by an organization and may therefore be at a higher risk for malware infection.
In addition, users within an organization may choose to root their mobile devices in order to modify protected systems or settings on their devices. Although this may increase a device's versatility, this rooting process may expose the device to malware and/or otherwise decrease the state of security of the device. Unfortunately, traditional systems for detecting whether mobile devices have been rooted (and thus represent an increased security risk) may suffer from many limitations. For example, some traditional systems may only check for indicators that can be easily masked or hidden on a rooted device. Other traditional systems may only check for installed applications or specific setting modifications that may not be present on all rooted devices. An infected personal mobile device may spread malware throughout an organization's network, so it is important that personal mobile devices be kept as secure as possible. Accordingly, the instant disclosure identifies and addresses a need for additional and improved systems and methods for identifying rooted mobile devices that may represent an increased security risk within an organization.